I’ve been thinking about giving up my mail servers for a while. After many years of getting great satisfaction from running my own, I’m thinking of letting Google run them for me. Economies of scale means Google can do a much better job than I ever could, and for a very great price. For $12 a year, Google will be my MX servers. I won’t have to upgrade software, worry about them going offline, or think about virus scanning.

The service I refer to is Postini. Google will accept my incoming mail, then forward it to my mail servers. In short, they act as my front end. At present, I have two public mail servers (nyi.unixathome.org and supernews.unixathome.org), one of which also acts as my IMAP server (nyi). I will continue to use that IMAP server and let it accept mail from Google.

More importantly, Google can deal with all the spam filtering, virus scanning, and other mundane tasks that go with running a mail server. I have no doubt they’ll do it better than I do.

My first step towards Postini is remove nyi was a mail server and replace it with another mail server which is underutilized. I do this so I will always have two public MX servers for the domains which I have not yet moved to Postini. I want to restrict incoming smtp connections to nyi. I can’t do that if it’s acting as a public MX.

I am pretty sure I could keep using nyi as a public MX and not go through the intermediate step, but I think there is more risk associated with that choice.

I am now installing amavisd and clamav on latens. That should be done within a hour or so. Then I’ll configure Postfix in the same manner as supernews is configured. Both of them accepted incoming mail and forwarded it to nyi, which delivers the mail to my mailbox on that server and then acts as a IMAP server. By the end of this procedure, nyi will not be accepting incoming mail from anyone but my two mail servers supernews and latens.

I will also be changing the MX records for all of my domains: removing nyi as an MX and adding latens. I’ll then need to wait for the DNS changes to propagate before changing anything on nyi with respect to incoming connections.